Internet draft            Berkeley AMD LDAP Schema            30 March 1998

INTERNET-DRAFT                                            Leif Johansson
Intended Category: Experimental                     Stockholm University


    A directory (X.500 and LDAPv3) schema for Berkeley automounter


1. Status of this Memo

   This memo describes a directory (LDAP or X.500) schema for storing amd
   (Berkeley-style automounter) mount info maps. The schema is currently
   being supported by the (beta version of the) am-utils version 6 package
   [AMUTILS].

2. Overview and Rationale

   Directory services such as X.500 [X500] or LDAP [RFC2251] are a natural
   choice of repository for amd mount map databases. All Object Identifiers
   in this document are prefixed by amdSchema-id, to be assigned later. The
   relation between this schema and the automount schema elements in
   [HOWARD] is mostly superficial. The model for the elements in [HOWARD]
   was the SUN automounter, which has quite a different syntax for mount
   maps. Furthermore, the intended usage of this schema differs from that
   of [HOWARD] in many respects.

3. DSA requirements

   Directory servers implementing this schema SHOULD maintain the
   modifyTimestamp operational attribute. If not, the amdMapCacheTtl
   attribute SHOULD be set to 0, indicating to clients that caching of map
   entries SHOULD be turned off. Clients wishing to use the amdMap schema
   MAY use the modifyTimestamp information to set the ttl for internal
   caching schemes. A value of 0 for the amdMapCacheTtl must result in
   clients turning off any local caching.

4. Syntax definitions

   The following attribute syntax is defined in this document:

      amdlocationlist

   This syntax represents an amd map value. This is the syntax expressed
   in BNF using definitions from [RFC2252]:

      amdlocationlist      = amdlocationselection |
                             amdlocationlist whsp "||" whsp amdlocationselection

      amdlocationselection = amdlocation |
                             amdlocationselection whsp amdlocation

      amdlocation          = amdlocationinfo |
                             "-" amdlocationinfo |
                             "-"

      amdlocationinfo      = seloropt |
                             amdlocationinfo ";" seloropt |
                             ";"

      seloropt             = selection |
                             optass

      selection            = keystring "==" printablestring |
                             keystring "!=" printablestring

      optass               = keystring

   X.500 servers or LDAPv3 servers (supporting the binary attribute option)
   may use the following syntax definition:

      AmdLocationList ::= SEQUENCE OF {
              SEQUENCE OF {
                      location AmdLocation
              }
      }

      AmdLocation ::= SET OF {
              CHOICE {
                      location     [0] AmdLocationInfo
                      notlocation  [1] AmdLocationInfo
                      not          [2] NULL
              }
      }

      AmdLocationInfo ::= SET OF {
              CHOICE {
                      selection    [0] AmdSelection
                      option       [1] AmdOption
              }
      }

      AmdSelection ::= CHOICE {
              eq   [0] AttributeAndValue
              ne   [1] AttributeAndValue
      }

      AmdOption ::= AttributeAndValue

      AttributeAndValue ::= SEQUENCE {
              attribute    IA5String
              value        IA5String
      }

5. Attribute types

   The following attribute types are defined in this document:

      amdMapName
      amdMapCacheTtl
      amdMapEntry
      amdMapEntryKey
      amdMapEntryValue

      amdSchema-a OBJECT IDENTIFIER ::= { amdSchema-id 1 }

      amdMapName ATTRIBUTE ::= {
              WITH SYNTAX IA5String
              EQUALITY MATCHING RULE caseIgnoreExactMatch
              --ID { amdSchema-a 1 }
              DESCRIPTION
                "This attribute is the symbolic and in the naming
                 context unique name of an amd map. This corresponds
                 in the case of a flat file database to the name of
                 the file or the mount-point of the map."
      }

      amdMapCacheTtl ATTRIBUTE ::= {
              WITH SYNTAX Integer
              EQUALITY MATCHING RULE integerExactMatch
              --ID { amdSchema-a 2 }
              SINGLE VALUED
              DESCRIPTION
                "The maximum time-to-live for the entries in this
                 map. After this many milliseconds the map has to
                 be cleared from local caches and reloaded. A value
                 of 0 disables caching."
      }

      amdMapEntry ATTRIBUTE ::= {
              WITH SYNTAX DistinguishedName
              EQUALITY MATCHING RULE dNCaseIgnoreExactMatch
              --ID { amdSchema-a 3 }
              DESCRIPTION
                "A multivalued attribute listing the distinguished
                 names of the amdMapEntries making up this amdMap
                 object."
      }

      amdMapEntryKey ATTRIBUTE ::= {
              WITH SYNTAX IA5String
              EQUALITY MATCHING RULE stringExactMatch
              --ID { amdSchema-a 4 }
              SINGLE VALUED
              DESCRIPTION
                "The value of this attribute is usually the name of
                 a mountpoint for this amdMapEntry."
      }

      amdMapEntryValue ATTRIBUTE ::= {
              WITH SYNTAX AmdLocationList
              --ID { amdSchema-a 5 }
              DESCRIPTION
                "This is the actual mount information for the amdMapEntry
                 using the syntax described above."
      }

6. Object classes

   The following object classes are defined in this document:

      amdMap
      amdMapEntry

   defined as follows:

      amdSchema-oc ::= { amdSchema-id 2 }

      amdMap OBJECT-CLASS ::= {
              SUBCLASS OF { top }
              KIND auxiliary
              --ID { amdSchema-oc 1 }
              MAY CONTAIN { amdMapCacheTtl , cn }
              MUST CONTAIN { amdMapName , amdMapEntry }
      }

      amdMapEntry OBJECT-CLASS ::= {
              SUBCLASS OF { top }
              KIND structural
              --ID { amdSchema-oc 2 }
              MUST CONTAIN {
                      amdMapName ,
                      amdMapEntryKey ,
                      amdMapEntryValue
              }
              MAY CONTAIN { cn }
              DESCRIPTION
                "An entry of this object class describes mount
                 information relative to a certain amdMap entry"
      }

7. Examples


8. Security Considerations

   Due to the security problems posed by NFS, care should be taken not to
   advertise exported filesystems. Therefore it is often desirable to limit
   access to entries carrying amd mount map information to those systems to
   which the corresponding filesystems have been exported.

9. References

   [AMUTILS]
        am-utils homepage: http://shekel.cs.columbia.edu/~erez/am-utils.html

   [RFC2251]
        M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access
        Protocol (v3)", RFC 2251, December 1997.

   [RFC2252]
        M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight Directory
        Access Protocol (v3): Attribute Syntax Definitions", RFC 2252,
        December 1997.

   [RFC2253]
        M. Wahl, S. Kille, T. Howes, "Lightweight Directory Access
        Protocol (v3): UTF-8 String Representation of Distinguished
        Names", RFC 2253, December 1997.

   [HOWARD]
        Luke Howard, "An Approach for Using LDAP as a Network
        Information Service", draft-howard-nis-schema-??.txt, Internet
        draft.

   [X500]
        ITU something or other.

Author's Address

   Leif Johansson
   Department of Mathematics
   Stockholm University
   S-106 91 Stockholm
   SWEDEN

   Email: leifj@matematik.su.se
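
Added example (not part of the draft and not am-utils code): a strict parser for the string form of amdlocationlist from section 4, of the kind a client can use to reject malformed amdMapEntryValue data fetched from a directory before acting on it. Assumptions: options use amd's "key:=value" form in addition to the bare keystring the BNF allows, keys are letters, digits and hyphens, and the sample value is constructed.

```python
import re

# key, optionally followed by "==" / "!=" (selection, per the BNF) or
# ":=" (assumed amd option-assignment form) and a value
SELOROPT = re.compile(r"([A-Za-z][A-Za-z0-9-]*)(?:(==|!=|:=)(.*))?")

def parse_seloropt(tok):
    """seloropt = selection | optass"""
    m = SELOROPT.fullmatch(tok)
    if not m:
        raise ValueError(f"bad selector/option: {tok!r}")
    key, op, val = m.groups()
    if op in ("==", "!="):
        return {"kind": "selection", "key": key, "op": op, "value": val}
    # bare keystring (value None) or key:=value
    return {"kind": "option", "key": key, "value": val}

def parse_location(tok):
    """amdlocation = amdlocationinfo | "-" amdlocationinfo | "-" """
    dash = tok.startswith("-")
    body = tok[1:] if dash else tok
    # amdlocationinfo is a ";"-separated list; empty pieces are permitted
    items = [parse_seloropt(p) for p in body.split(";") if p]
    return {"dash": dash, "items": items}

def parse_location_list(value):
    """amdlocationlist = selections separated by "||"; each selection is
    one or more whitespace-separated locations."""
    if not (value.isascii() and value.isprintable()):
        raise ValueError("non-printable or non-ASCII character in map value")
    result = []
    for sel in value.split("||"):
        locs = sel.split()
        if not locs:
            raise ValueError("empty amdlocationselection")
        result.append([parse_location(t) for t in locs])
    return result

# Constructed sample value, not taken from the draft
SAMPLE = "-type:=nfs;rfs:=/export/home host==fs1;rhost:=fs1 || host!=fs1;rhost:=fs2"

if __name__ == "__main__":
    for n, selection in enumerate(parse_location_list(SAMPLE)):
        for loc in selection:
            print(n, loc)
```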